1 | // Licensed to the Apache Software Foundation (ASF) under one |
2 | // or more contributor license agreements. See the NOTICE file |
3 | // distributed with this work for additional information |
4 | // regarding copyright ownership. The ASF licenses this file |
5 | // to you under the Apache License, Version 2.0 (the |
6 | // "License"); you may not use this file except in compliance |
7 | // with the License. You may obtain a copy of the License at |
8 | // |
9 | // http://www.apache.org/licenses/LICENSE-2.0 |
10 | // |
11 | // Unless required by applicable law or agreed to in writing, |
12 | // software distributed under the License is distributed on an |
13 | // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
14 | // KIND, either express or implied. See the License for the |
15 | // specific language governing permissions and limitations |
16 | // under the License. |
17 | |
18 | |
19 | #ifndef BRPC_AUTHENTICATOR_H |
20 | #define BRPC_AUTHENTICATOR_H |
21 | |
22 | #include <ostream> |
23 | #include "butil/endpoint.h" // butil::EndPoint |
24 | #include "butil/macros.h" // BAIDU_CONCAT |
25 | #include "brpc/extension.h" // Extension<T> |
26 | |
27 | |
28 | namespace brpc { |
29 | |
// Identity attributes describing an authenticated peer. Per the comments on
// Authenticator::VerifyCredential in this file, a server-side verifier may
// fill one of these in, and it can later be fetched from `Controller'.
//
// This class is a plain value holder: each setter stores exactly what it is
// given, with no validation or normalization. The fields are therefore only
// as trustworthy as the code that populated them; authorization decisions
// based on user()/group()/roles() inherit that trust.
// NOTE(review): the format of `roles' (a single string, not a list) and the
// meaning of `starter' are not defined in this header - confirm against the
// Authenticator implementation in use.
class AuthContext {
public:
    // Starts with every string empty and is_service() == false.
    AuthContext()
        : _is_service(false)
        , _user()
        , _group()
        , _roles()
        , _starter() {}

    ~AuthContext() {}

    // Name of the authenticated principal.
    const std::string& user() const {
        return _user;
    }
    void set_user(const std::string& value) {
        _user = value;
    }

    // Group associated with the principal.
    const std::string& group() const {
        return _group;
    }
    void set_group(const std::string& value) {
        _group = value;
    }

    // Roles associated with the principal, kept as one opaque string.
    const std::string& roles() const {
        return _roles;
    }
    void set_roles(const std::string& value) {
        _roles = value;
    }

    // "starter" attribute; stored and returned unchanged.
    const std::string& starter() const {
        return _starter;
    }
    void set_starter(const std::string& value) {
        _starter = value;
    }

    // True when the principal was marked as a service rather than a user
    // (operator<< in this file prints "service" or "user" accordingly).
    bool is_service() const {
        return _is_service;
    }
    void set_is_service(bool value) {
        _is_service = value;
    }

private:
    // Declaration order is kept as-is so the object layout does not change.
    bool _is_service;
    std::string _user;
    std::string _group;
    std::string _roles;
    std::string _starter;
};
57 | |
// Pluggable credential scheme. A client-side implementation produces a
// credential string; a server-side implementation checks it and may describe
// the authenticated peer in an AuthContext.
//
// Both hooks are const member functions, so an implementation cannot modify
// its own non-mutable state through them.
// NOTE(review): whether one Authenticator instance is shared across
// connections or threads is not visible in this header - confirm before
// keeping mutable state in an implementation.
class Authenticator {
public:
    virtual ~Authenticator() {}

    // Client side: write the credential into `*auth_str'. That string is what
    // the server-side `VerifyCredential' receives.
    // Returns 0 on success, an error code otherwise.
    //
    // This interface does not say how `auth_str' is protected in transit. If
    // it carries a long-lived secret, its confidentiality and resistance to
    // replay depend on the transport and on the credential format chosen by
    // the implementation.
    virtual int GenerateCredential(std::string* auth_str) const = 0;

    // Server side: check the credential `auth_str' received from
    // `client_addr'. The credential context (result) can be filled into
    // `*out_ctx' and fetched later from `Controller'.
    // Returns 0 on success, an error code otherwise.
    //
    // `auth_str' is supplied by the remote peer and must be treated as
    // untrusted input: bound its length and validate its format before
    // parsing, compare secret material in constant time, and keep it out of
    // logs and error messages.
    // NOTE(review): `client_addr' is presumably the peer address as seen by
    // the server; behind a proxy or NAT it may not identify the real client,
    // so it should not be the only basis for accepting a credential.
    // NOTE(review): whether `*out_ctx' is read after a non-zero return is not
    // visible here - fill it only once verification has succeeded.
    virtual int VerifyCredential(
        const std::string& auth_str,
        const butil::EndPoint& client_addr,
        AuthContext* out_ctx) const = 0;
};
78 | |
// Writes a one-line, human-readable summary of `ctx' to `os' and returns
// `os', in the form
//   [name=<user> [This is a service|user], group=<group>, roles=<roles>, starter=<starter>]
//
// Every field is streamed verbatim, with no escaping. If a field can contain
// peer-influenced text (for example when VerifyCredential copies it out of a
// credential), line breaks or ']' inside the value appear unchanged in the
// output. Validate the values where the context is filled, or escape them
// before they reach line-oriented or structured logs.
inline std::ostream& operator<<(std::ostream& os, const AuthContext& ctx) {
    const char* const kind = ctx.is_service() ? "service" : "user";
    os << "[name=" << ctx.user() << " [This is a " << kind << "]";
    os << ", group=" << ctx.group();
    os << ", roles=" << ctx.roles();
    os << ", starter=" << ctx.starter() << "]";
    return os;
}
85 | |
86 | |
87 | } // namespace brpc |
88 | |
89 | |
90 | |
91 | #endif // BRPC_AUTHENTICATOR_H |
92 | |